Off-by-none: Issue #348

December 16, 2025

Serverless Databases, but for real this time ⚡️

In our previous issue, Werner gave his final re:Invent keynote, Strands Agents added TypeScript support, and Anthropic asked Claude, "How do we IPO?". This week, Aurora DSQL finally provisions at serverless speed, ElastiCache Serverless unlocks safer distributed transactions, and the serverless AI ecosystem is growing well beyond the bounds of AWS. Plus, we have some amazing content from the serverless and cloud communities!

News & Announcements

AWS kicked off the week with a major database win. Amazon Aurora DSQL can now create clusters in seconds, which is a massive quality-of-life improvement, especially for teams spinning up short-lived dev and test environments. Long provisioning times have always been one of the biggest friction points in serverless database workflows, and this pushes DSQL even closer to filling that critical gap.

Another important update was Amazon ElastiCache Serverless now supporting the same-slot WATCH command. This makes it much easier to implement optimistic concurrency control using Redis/Valkey-style transactions in a clustered environment, where all keys must be in a single hash slot. This is a super important capability for correctness and performance in distributed, serverless cache workloads.

Amazon Cognito identity pools now support PrivateLink, enabling private, VPC-only authentication flows. And Amazon Aurora PostgreSQL introduced integration with Kiro Powers (read a deeper dive on the AWS Database Blog). I'm still not sold on Kiro, but having an MCP server with expertise in Aurora PostgreSQL could come in handy.

Outside of AWS, Google’s Vertex AI is expanding flexible deployment options for open models, making it easier to run serverless AI workloads across different environments (what they call MaaS). And multimodal AI provider fal raised $140M, doubling down on a serverless approach to large-scale, multimodal inference and media processing.

Observability relies on accurate data, but insight comes from context and exploration. Honeycomb combines high-fidelity telemetry with AI tools like Canvas and MCP to help humans and AI agents understand complex production behavior with clarity and confidence. Learn more about what matters when bringing AI into observability. Sponsored

Tutorials

• Batch publishing Twitch chatroom messages - with AWS Lambda Durable Multi-Step Executions by Jack McGuire
• Workflow orchestration with Lambda Durable Functions — part 2 by Chris Dobson
• Transforming Unstructured Documents into JSON with AWS Bedrock by Carlos Biagolini Jr.
• Inside a Low-Cost, Serverless Data Lineage System Built on AWS by Rohit Muthyala
• My First Durable Lambda Function by Steve Morland
• Building an "Unstoppable" Serverless Payment System on AWS (Circuit Breaker Pattern)
• DynamoDB Primary Composite Keys - When you find yourself in a situation requiring you to modify a composite sort key by Denise Ignatova
• The importance of batching writes at scale when using serverless tools by JK Gunnink
• Architecting conversational observability for cloud applications by Anton Aleksandrov, Eric Anderson, Lucas Soriano Alves Duarte, and Tiago Reichert

Reads

Your 2026 Serverless Strategy: Top 10 re:Invent 2025 Features You Can’t Afford to Miss
Minoltan Issack's curated list of the recent serverless announcements that matter: CloudFront flat-rate pricing, Lambda IPv6 support (bye NAT Gateway costs), API Gateway response streaming, 1MB async payloads, native tenant isolation, and direct API Gateway → ALB integration without the NLB middleman.

AWS Database Savings Plans: Six Years of Complaining Finally Pays Off
It looks like snark and sh*t-posting for six years ultimately got Corey a win. I've always found asking nicely works better, or maybe I'm just really persuasive (you can thank me for scale-to-zero DSQL by buying me a beer). 🍺

The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks
Cloudflare's excellent annual recap of a year filled with content hungry AI bots (Googlebot alone was responsible for 4.5% of all HTML requests and "user action" crawling jumped 15x), over half of human web traffic becoming post-quantum encrypted, and 174 major internet outages.

The Cliff of Infrastructure as Code
The notion that IaC has hit its limits isn't new. It reached its cliff well before AI changed everything, and "infrastructure that dynamically maps to reality" is something we've been building at Ampt for years. This piece quickly pivots to a sales pitch, but when a Terraform/Pulumi alum says the declarative model can't handle Day 2 operations, the first half still resonates.

Durable Functions and Werner Vogels' Last Keynote: Highlights of AWS re:Invent 2025
Renato Losio's thorough re:Invent roundup cuts through the AI keynote noise to highlight what practitioners actually care about: Lambda Durable Functions, Database Savings Plans, and Werner Vogels' final keynote after 14 years. There's also plenty of sharp community reactions and the context you need to separate reality from hype.

New AWS Lambda Durable Functions – Do they replace Step Functions?
Ian Carlson does a solid job framing the "code vs config" tradeoff that will define your choice between Durable Functions and Step Functions. Just note that even though it's GA, it's still only available in us-east-2, and the article glosses over Step Functions' parallel execution and native service integrations that remain genuinely useful.

Serverless without Compromises: Lambda on Provisioned EC2 changes the game
A thoughtful take by Emanuel Russo on Lambda Managed Instances that correctly frames the real question: when does Lambda's cost curve cross EC2? Good catches on CPU/memory flexibility and the compliance caveat, but I'd like to see actual pricing numbers instead of conceptual graphs. The cold start elimination claim needs nuance around scale-out scenarios as well.

Podcasts, Videos, and more

• Serverless Craic Ep78 How the BBC Built a Serverless-First Architecture at Global Scale Case Study from The Serverless Edge
• AWS Lambda Managed Instances | Serverless Office Hours with Julian Wood, Debasis Rath, Sisira Narayana, and Rohan Mehta
• AWS Lambda durable functions | Serverless Office Hours with Eric Johnson, Michael Gasch, Julian Wood
• DEV Track Spotlight: Unleash Rust's Potential on AWS (DEV307) with AJ Stuyvenberg and Darko Mesaroš

New from AWS

• Announcing cost allocation using users’ attributes
• Amazon CloudWatch SDK supports optimized JSON, CBOR protocols
• AWS Shield network security director now supports multi-account analysis
• Amazon RDS and Aurora now support resource tagging for Automated Backups
• AWS Billing and Cost Management now supports PDF export and CSV data download for Dashboards

Security

React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniques
React Server Components got its first critical RCE vulnerability (CVSS 10.0), and attackers weaponized it within hours. 582 million exploit attempts in the first week alone! 😳 If you're running RSC, patch now.

Final Thoughts 🤔

The last few weeks have felt like one of those quiet inflection points. Like a bunch of long-standing serverless paper cuts are finally starting to heal. Durable Functions, Lambda Managed Instances, API Gateway streaming, DSQL provisioned in seconds. Each one quietly removes another reason people hesitated to go all in. It’s taken 11 years to get here, but serverless keeps (slowly) shedding its “yes, but…” objections with every new announcement. It’s not a silver bullet. It never will be. But the case for a serverless-first approach keeps getting stronger every day.

At the same time, the center of gravity is clearly shifting beyond any single provider. The serverless AI ecosystem is moving fast, and OpenAI’s recent Code Red moment, sparked by Google Gemini putting them on their heels, was a reminder of just how fragile today’s advantages really are. These companies are operating at enormous scale. Often at negative margins. And the moat gets shallower every day. In this current environment, flexibility matters more than ever. The ability to build, adapt, and ship without heavy infrastructure commitments may end up being one of the quiet but decisive advantages of a world where serverless is assumed, not debated.

Take care,
Jeremy

I hope you enjoyed this newsletter. We're always looking for ideas and feedback to make it better and more inclusive, so please feel free to reach out to me via Bluesky, LinkedIn, X, or email.